If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Pros...It works like its supposed to. Can be updated. Great for securing your network.
Cons..It works like its supposed to. Great for scanning other sites (although it does get logged quickly). Also, the setup is a little tricky, because some of the instructions are wrong. The windows client sucks.

Nessus is just one of a handful of vuln. scanners that are pretty much the same.

nessus is the best vulnerability scanner around. I have tried many including, Webtrends, CA Cybercop, Symantec Netrecon, and several others.

I would say that the only limitation to this point is it's reporting features. Although it will still generate HTML outputs, along with several other types, it is just not quite as robust in that aspect as several of the others. I also think the setup is about as easy as it gets:

For the price, Nessus is a great tool. It stays up to date with vulnerabilities and the subsequent attacks, does a fair job of reporting the problem/correction intelligbly, is fairly easy to use, and is customizable to the environment that you are in; however, it can be extremely slow if you scan anything over a few devices. The attacks are also precanned, well known attacks that will make any IDS or system log light up like a christmas tree. So it is anywhere from good to outstanding, depending on what you are looking for and the amount of money you are able to pony up...

There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

How well does it compare to Saint, that is, what are the advantages/disadvantages if any. Is one more accurate, detectable, stable, etc?

I've not found a version that works well with FreeBSD yet and subsequently have not had chance to compare yet. Soon though I would like to think. CVsup runs tonight, so it should happen pretty quickly.

\"I believe that you can reach the point where there is no longer any difference between developing the habit of pretending to believe and developing the habit of believing.\"